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Title: METHOD AND APPARATUS FOR REVOCATION LIST MANAGEMENT 



APPLICANTS' REPLY BRIEF 



Mail Stop Appeal Brief -Patents 

Commissioner for Patents 
P.O. Box 1450 
Aiexandria, VA 22313-1450 

Sir: 

(n response to the Examiner's Answer of August 11, 2006, please consider 
the following remarks. Please charge Deposit Account No. 50-3649 for any required 
extension of time or excess claim fees for filing this paper. 

This paper includes (each beginning on a separate sheet): 

1 . Remarks / Discussion of issues; and 

2. The claims on appeal. 
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REMARKS / DISCUSSION OF ISSUES 



Appellant maintains the arguments submitted in the Appeal Brief mailed on 

May 26. 2005, which are incorporated herein by reference and refute the alfegations 

made in the Examiner's Answer. In particular, Appellant respectfully refutes the 

allegation on page 10, lines 1-2 of the Examiner's Answer that defines the contact list 

as the list of digital certificates reciting: 

The Clearing house maintains a list of digital certificates 
(Contact list) that are i ssued to a valid entity . (Emphasis 
added) 

It is respectfully submitted that the present invention as recited in independent 
claims 1 and 17, and similarly recited in independent claim 16, amongst other 
patentable elements, requires: 



A contact list comprising information identifying one or more other entities 
which have attempted to communicate with the given entity is nowhere taught or 
suggested in Gruse. Further, the list of digital certificates maintained by the Gruse 
clearinghouse is NOT a contact list of entities which have attempted to 
communicate with the given entity. Rather, as correctly noted by the Examiner in the 
very same sentence on page 10, lines 1-2 of the Examiner's Answer reproduced 
above, the list of digital certificates is issued by the Gruse clearinghouse to a valid 
entity . Column 45, lines 4-5 of Gruse specifically recite that: 



Even assuming, arguendo, that the Gruse clearinghouse maintains a contact 
list of entities communicated with, it is still respectfully submitted that does not teach 
or suggest a contact list of entities which have attempted to communicate with the 
given entity, as recited in independent claims 1 and 16-17. 



a contact list comprising information identifying one or more 
other entities which have attempted to communicate with 
the given entity. (Illustrative emphasis added) 



The Clearinghouse(s) 105 maintains a database of digital 
certificates that it has assigned . (Emphasis added) 
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Accxjrdingly. it Is respectfully submitted thai independent claims 1 and 15-17 
are allowable, and allowance thereof is respectfully requested. In addition, it is 
respectfully submitted that claims 2-15 and 18^20 should also be allowed at least 
based on their dependence from independent claims 1 and 16-17, 

In addition, Appellant denies any statement position or averment of the 
Examiner that is not specifically addressed by the foregoing argument and response. 
Any rejections and/or points of argument not addressed would appear to be moot in 
view of the presented remarks. However, the Appellant reserves the right to submit 
further arguments in support of the above stated position, should that become 
necessary. No arguments are waived and none of the Examiner's statements are 



In view of the above, it is respectfully submitted that the present application is 
in condition for allowance, and a Notice of Allowance is earnestly solicited. 



Appendix: Claims 1-20 



THORNE & HAU\JIAN. LLP 
Applied Technology Center 
111 West Main Street 
Bay Shore, NY 11706 
Tel: (631)665-5139 
Fax: {631)665-5101 



conceded. 



Respectfully submitted. 



Dicran Halajian, Reg. 3^03 
Attorney for Appellant 
September 25. 2006 
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THE CLAIMS ON APPEAL 



1. (Original) A method for controlling access to inforination, the method 
comprising the steps of: 

maintaining, for a given entity controlling access to the information, a contact 
list comprising information identifying one or more other entities which have 
attempted to communicate with the given entity; and 

utilizing the contact list in conjunction with a revocation list associated with the 
given entity to determine which of at least a subset of the one or more other entities 
are authorized to communicate with the given entity. 

2. (Original) The method of claim 1 wherein the given entity and at least a 
subset of the one or more other entities each comprise a consumer electronics 
device. 

3. (Original) The method of claim 1 wherein the maintaining and utilizing steps 
are implemented in an access control system associated with the given entity. 

4. (Original) The method of claim 3 wherein the revocation list comprises a 
local revocation list stored in the access control system. 

5. (Original) The method of claim 1 wherein the contact list co.mprises a 
plurality of entries, each entry including at toast an identifier of a particular one of the 
other entities and a corresponding revocation flag indicating whether authorization of 
the particular entity has been revoked. 

6. (Original) The method of claim 5 further including the step of updating the 
contact list after a modification of the revocation list. 
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/.(Previously presented) The method of claim 6 wherein the step of updating 
the contact list after a modification of the revocation list further includes the steps of: 

identifying all of the entities in the contact list that do not have their 
corresponding revocation flag set; and 

detemnining. for each of the entities identified as being on the contact list but 
not having a set revocation flag, whether that entity fs on a modified local revocation 
fist, and if such an entity is determined to be on the modified local revocation list, 
setting its revocation flag in the contact list. 

8. (Original) The method of claim 5 further including the step of updating the 
contact list if a new entity not already included in the contact list attempts to 
communicate with the given entity. 

9. (Original) The method of claim 8 wherein the step of updating the contact 
list if a new entity not already Included in the contact list attempts to communicate 
with the given entity further includes the steps of: 

storing in the contact list an entity identifier for the new entity if there is 
sufficient space available in the contact list; and 

determining if the new entity is on the revocation list, and if it is. setting the 
corresponding revocation flag for the new entity in the contact list. 

10. (Original) The method of claim 9 further including the step of selecting a 
particular entry of the contact list for removal from the contact list if there is not 
sufficient space available in the contact list for the new entity. 

1 1. (Original) The method of claim 10 wherein tiie selecting step is 
implemented using a random or pseudo-random selection process. 
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12. (Original) The method of claim 5 wherein the cx^ntact list is configured 
such that the revocation flag of a particular entry may not be cleared once that flag 
has been set as long as that entry remains in the contact list. 

13. (Original) The method of claim 1 further including the step of periodically 
generating a digital signature for at least a portion of the contact list. 

14. (Original) The method of claim 13 further including the step of updating 
the digital signature each time the contact list is updated. 

15. (Original) The method of claim 1 wherein each of at least a subset of the 
other entities stores a contact list having entries corresponding to entities which have 
attempted to communicate with those other entities. 

16. (Original) An apparatus for controlling access to information, the 
apparatus comprisfng: 

a processor-based device for controlling access to the information, wherein 
the processor-based device is op>erative to maintain a contact list comprising 
infonmation Identifying one or more other entities which have attempted to 
communicate with the processor-based device, and to utilize the contact list in 
conjunction v^th a revocation list associated with the given entity to determine which 
of at least a subset of the one or more other entities are authorized to communicate 
with the processor-based device. 

17. (Original) An article of manufacture comprising a machine-readable 
storage medium containing one or more software programs for use in controlling 
access to information, wherein the programs when executed implement the steps of: 

maintaining, for a given entity controlling access to the information, a contact 
list comprising information identifying one or more other entities which have 
attempted to communicate with the given entity; and 
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Utilizing the contact list in conjunction with a revocation list associated with the 
given entity to determine which of at least a subset of the one or more other entities 
are authorized to communicate with the given entity. 

18. {Previously presented) The apparatus of Claim 16. wherein the contact 
list comprises a plurality of entries, each entry including at least an identifier of a 
particular one of the other entities and a corresponding revocation flag indicating 
whether authorization of the particular entity has been revoked. 

19. (Previously presented) The article of manufacture of Claim 17, wherein the 
contact list comprises a plurality of entries, each entry including at least an identifier 
of a particular one of the other entities and a corresponding revocation flag indicating 
whether authorization of the particular entity has been revoked. 

20. (Previous]y presented) The article of manufacture of Claim 19. wherein the 
programs when executed implement the further step of updating the contact list after 
a modification of the revocation list. 
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